WebAuthn not prompting for biometric fingerprint authentication

[Deyvis17GY]

Hello, I'm using this repository for implementing passwordless authentication with Amazon Cognito and WebAuthn. Everything is set up correctly, but when I try to authenticate, I don't see the option to use biometric fingerprint authentication, only other alternatives.

[ottokruse]

That's the native browser dialog being triggered so that looks like this solution does do it's job ok but your browser doesn't understand it has a passkey it can use.

In order to understand what goes on we need to see how you created the passkey in the first place. And what type of passkey is it, Face ID or Touch ID ?

[ottokruse]

If it was a yubikey for example you should actually click on other options, and then select usb key ( from the top of my head)

[Deyvis17GY]

If it was a yubikey for example you should actually click on other options, and then select usb key ( from the top of my head)

Thanks, but I was referring to the biometric fingerprint of the cell phone. Like this example that I created on the same website but in a different route, using the @simplewebauthn/server library where the fingerprint is enabled

[ottokruse]

The bottom screen shot shows a dialog for creation a passkey, the top one for signing in with one?

[Deyvis17GY]

The bottom screen shot shows a dialog for creation a passkey, the top one for signing in with one?

In the last screenshot you can see that the biometric fingerprint is enabled correctly when using the other library @simplewebauthn/server. However, when logging in with the configuration from this repository, the fingerprint option is not activated, as it seems that it is not detected. I think that there might be an additional configuration missing for this option to be displayed. Therefore, I would like to know how I can make the biometric fingerprint that is already integrated in the device be requested.

[ottokruse]

Do I understand correctly that on the server you use @simplewebauthn/server and on the frontend you use `amazon-cognito-passwordless-auth ?

If so, that's not supported without doing some manual coding to make them speak with each other. I don't have an example of that, never looked into it.

[Deyvis17GY]

Do I understand correctly that on the server you use @simplewebauthn/server and on the frontend you use `amazon-cognito-passwordless-auth ?

If so, that's not supported without doing some manual coding to make them speak with each other. I don't have an example of that, never looked into it.

Actually, this is another example I was starting before I learned about amazon-cognito-passwordless-auth. In the example above, I was using @simplewebauthn/server in the backend and navigator.credentials in the frontend, which would enable the biometric fingerprint. However, when using amazon-cognito-passwordless-auth, both the backend and the frontend are integrated with that library, but doing so does not enable the native biometric fingerprint on the phone. So I'm wondering if there's an additional configuration or change I need to make to enable the native biometric fingerprint.

[ottokruse]

Okay :)

Can you share the JSON data of the record you have in DynamoDB? (your phone should have a record there, which is created upon creation of the paskey)